IBM Cognos Controller Information Disclosure Vulnerability (CNVD-2019-32437)

IBM Cognos Controller is a suite of business intelligence and planning solutions from IBM in the United States. The product features process automation, financial audit control, and the creation and management of financial reports. An information disclosure vulnerability exists in IBM Cognos...

CVE-2019-4175

IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158880...

PT-2019-16950 · Ibm · Ibm Cognos Controller

Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 10.3.0 through 10.4.1 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: For...

CVE-2019-4102

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158092...

CVE-2019-4156

IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158572...

IBM Security Access Manager Appliance Weak Encryption Algorithm Vulnerability (CNVD-2019-19294)

IBM Security Access Manager Appliance ISAM Appliance is a network appliance-based security solution from IBM, USA. The product is mainly used for access control and Web-based threat protection, providing system performance monitoring, log analysis and diagnosis. A security vulnerability exists in...

Design/Logic Flaw

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data...

CVE-2017-14852

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data...

CVE-2017-14852

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data...

PT-2019-16996 · Ibm · Ibm Api Connect

Name of the Vulnerable Software and Affected Versions: IBM API Connect versions 5.0.0.0 through 5.0.8.6 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: For versio...

OPENSUSE-SU-2019:1432-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: Security issues fixed: - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations bsc1117951 - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond...

CVE-2018-2007

IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 155078...

Code injection

IBM Sterling B2B Integrator Standard Edition 5.2.0.1, 5.2.6.36, 6.0.0.0, and 6.0.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 147294...

CVE-2018-1925

IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 152925...

CVE-2019-9975

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key...

CVE-2019-9975

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key...

openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-1105)

This update for openssl-100 fixes the following issues : Security issues fixed : - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations bsc1117951 - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respo...

CVE-2019-1748

A vulnerability in the Cisco Network Plug-and-Play PnP agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently validates certificates...

Cisco IOS and IOS XE Proxy Certificate Validation Vulnerability

Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. A certificate validation vulnerability exists in the Cisco Network Plug-and-Play PnP agent in Cisco IOS and IOS XE, which stems from the program's failure to adequately validate certificates, and can b...

CVE-2017-1713

IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134632...